Compare commits


6 Commits

Author SHA1 Message Date
default 3be388b8ef upd: [bitwarden] migrate to vaulwarden docker image 3 years ago
Valentin Lab 8db201ab0f new: [mailhog] new charm 3 years ago
Valentin Lab 2b5935e361 chg: [peertube] upgrade to ``v4.1.0`` 3 years ago
Valentin Lab c405bf7512 chg: [keycloak] upgrade to version ``17.0.1`` 3 years ago
Valentin Lab 366c2810b3 new: [postgres] allow relation options ``encoding``, ``lc-collate``, ``lc-ctype``, ``template`` 3 years ago
Valentin Lab c27b9e6f1c new: [monujo] support any section in options to transfer in ``config.json`` 3 years ago
  1. 1
      bitwarden/metadata.yml
  2. 32
      keycloak/README.rst
  3. 12
      keycloak/build/Dockerfile
  4. 37
      keycloak/hooks/post_deploy
  5. 9
      keycloak/hooks/postgres_database-relation-joined
  6. 7
      keycloak/hooks/web_proxy-relation-joined
  7. 4
      keycloak/metadata.yml
  8. 31
      mailhog/metadata.yml
  9. 72
      monujo/lib/common
  10. 7
      peertube/build/Dockerfile
  11. 2
      peertube/build/docker-compose.yml
  12. 11
      postgres/hooks/postgres_database-relation-joined
  13. 3
      postgres/lib/common

1
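--- a/bitwarden/metadata.yml
+++ b/bitwarden/metadata.yml
@@ -1,6 +1,7 @@
 description: Bitwarden Server
 #docker-image: bitwardenrs/server:1.22.2-alpine
 docker-image: docker.0k.io/bitwarden:1.22.2
+docker-image: vaultwarden/server:latest
 data-resources:
 - /data
 uses: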
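Review bot: The added `docker-image: vaultwarden/server:latest` follows a floating tag on a public registry, while the line above it pins `docker.0k.io/bitwarden:1.22.2`; a password-vault service then changes whenever upstream pushes, with no review step and no reproducible rollback. Pin a release tag or a digest instead, e.g. `docker-image: vaultwarden/server:<version>@sha256:<digest>` (placeholders, to be filled from the release you have vetted). As rendered, the old `docker-image:` line stays as context, so the file ends up with two `docker-image` keys and the effective image depends on how the loader treats duplicate keys; comment out or delete the old one.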

32
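--- a/keycloak/README.rst
+++ b/keycloak/README.rst
@@ -0,0 +1,32 @@
+Description
+===========
+Using ``keycloak`` version 17.0
+Usage
+=====
+To start with ``keycloak``, just put this service in your
+``compose.yml``::
+keycloak:
+options:
+admin-password: CHANGEME
+relations:
+web-proxy:
+frontend:
+domain: id.mydomain.fr
+Customize theme
+===============
+You can customize theme by putting your theme in
+``/srv/datastore/data/keycloak/opt/keycloak/themes``
+For example copy the material folder from
+https://github.com/MAXIMUS-DeltaWare/material-keycloak-theme and
+restart ``keycloak``.
+Then go to your admin console, log in and go to the realm/themes part
+to choose you new theme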

12
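--- a/keycloak/build/Dockerfile
+++ b/keycloak/build/Dockerfile
@@ -0,0 +1,12 @@
+FROM docker.0k.io/keycloak:17.0.1 as builder
+ENV KC_METRICS_ENABLED=true
+ENV KC_FEATURES=token-exchange
+ENV KC_DB=postgres
+RUN /opt/keycloak/bin/kc.sh build
+FROM docker.0k.io/keycloak:17.0.0
+COPY --from=builder /opt/keycloak/lib/quarkus/ /opt/keycloak/lib/quarkus/
+WORKDIR /opt/keycloak
+ENV KC_LOG_LEVEL=INFO
+ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start"]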
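Review bot: The two stages use different base tags: the builder is `docker.0k.io/keycloak:17.0.1`, but the runtime stage is `FROM docker.0k.io/keycloak:17.0.0`, so the image that actually runs stays on 17.0.0 while carrying Quarkus libraries produced by a 17.0.1 build. If the intent is the 17.0.1 upgrade named in the commit list, the second line should read `FROM docker.0k.io/keycloak:17.0.1`. Declaring the tag once (`ARG KC_TAG=17.0.1` before the first `FROM`, then `FROM docker.0k.io/keycloak:${KC_TAG}` in both stages) keeps the stages from drifting again. Only `/opt/keycloak/lib/quarkus/` is copied across, which assumes everything else under /opt/keycloak is identical between the two tags.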

37
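--- a/keycloak/hooks/post_deploy
+++ b/keycloak/hooks/post_deploy
@@ -1,37 +0,0 @@
-#!/bin/bash
-## Init is run on host
-## For now it is run every time the script is launched, but
-## it should be launched only once after build.
-## Accessible variables are:
-## - SERVICE_NAME Name of current service
-## - DOCKER_BASE_IMAGE Base image from which this service might be built if any
-## - SERVICE_DATASTORE Location on host of the DATASTORE of this service
-## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service
-PASSWORD_SET_CONTROL="$SERVICE_CONFIGSTORE/.password-set-control"
-set -e
-if [ -e "$PASSWORD_SET_CONTROL" ]; then
-exit 0
-fi
-containers=($(get_running_containers_for_service "$SERVICE_NAME"))
-if [ "${#containers[@]}" == 0 ]; then
-err "no containers found for service ${DARKYELLOW}$SERVICE_NAME${NORMAL}"
-exit 1
-fi
-## It is not possible at first glance to reset password, so we decided
-## to set to admin/admin. This means it is important to change the
-## admin password as soon as possible.
-## XXXvlab: taking the first container
-container_id="${containers[0]}"
-docker exec "$container_id" \
-/opt/jboss/keycloak/bin/add-user-keycloak.sh \
--u "admin" -p "admin"
-docker restart "$container_id"
-mkdir -p "${PASSWORD_SET_CONTROL%/*}" && touch "$PASSWORD_SET_CONTROL"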

9
keycloak/hooks/postgres_database-relation-joined

@ -10,9 +10,8 @@ config-add "\
services: services:
$MASTER_BASE_SERVICE_NAME: $MASTER_BASE_SERVICE_NAME:
environment: environment:
DB_VENDOR: postgres
DB_ADDR: \"$MASTER_TARGET_SERVICE_NAME\"
DB_DATABASE: \"$DBNAME\"
DB_PASSWORD: \"$PASSWORD\"
DB_USER: \"$USER\"
KC_DB_URL: \"jdbc:postgresql://$MASTER_TARGET_SERVICE_NAME:5432/$DBNAME\"
KC_DB_USERNAME: \"$USER\"
KC_DB_PASSWORD: \"$PASSWORD\"
KC_DB: \"postgres\"
" "

7
keycloak/hooks/web_proxy-relation-joined

@ -1,11 +1,16 @@
#!/bin/bash #!/bin/bash
DOMAIN=$(relation-get domain) || exit 1
set -e set -e
config-add "\ config-add "\
services: services:
$MASTER_BASE_SERVICE_NAME: $MASTER_BASE_SERVICE_NAME:
environment: environment:
PROXY_ADDRESS_FORWARDING: \"true\"
KC_HOSTNAME: "$DOMAIN"
KC_PROXY: edge
KC_HTTP_ENABLED: \"true\"
KC_HOSTNAME_STRICT: \"false\"
" "
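Review bot: `KC_HOSTNAME: "$DOMAIN"` uses bare double quotes inside the double-quoted `config-add "\ …"` argument, unlike the `\"true\"` values beside it. The first quote closes the shell string, so `$DOMAIN` is expanded unquoted (word splitting and globbing apply) and reaches the generated YAML without quotes. Write it as `KC_HOSTNAME: \"$DOMAIN\"`. As rendered, this line is among the added `KC_*` settings. `KC_HOSTNAME_STRICT: \"false\"` looks redundant once a fixed `KC_HOSTNAME` is set; leaving strict checking on is the more conservative default behind a proxy, to be confirmed against the Keycloak 17 documentation.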

4
keycloak/metadata.yml

@ -1,4 +1,6 @@
docker-image: docker.0k.io/keycloak:16.1.1 ## jboss/keycloak:16.1.1
data-resources:
- /opt/keycloak/themes
default-options: default-options:

31
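--- a/mailhog/metadata.yml
+++ b/mailhog/metadata.yml
@@ -0,0 +1,31 @@
+docker-image: docker.0k.io/mailhog:1.0.1 ## from: mailhog/mailhog:v1.0.1
+data-resources:
+- /home/mailhog
+default-options:
+uses:
+web-proxy:
+#constraint: required | recommended | optional
+#auto: pair | summon | none ## default: pair
+constraint: recommended
+auto: pair
+solves:
+proxy: "Public access"
+default-options:
+target: !var-expand ${MASTER_BASE_SERVICE_NAME}:8025
+backup:
+constraint: recommended
+auto: pair
+solves:
+backup: "Automatic regular backup"
+default-options:
+## First pattern matching wins, no pattern matching includes.
+## include-patterns are checked first, then exclude-patterns
+## Patterns rules:
+## - ending / for directory
+## - '*' authorized
+## - must start with a '/', will start from $SERVICE_DATASTORE
+#exclude-patterns:
+# - "/var/lib/odoo/sessions/"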
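Review bot: The `web-proxy` relation is `auto: pair` and advertises `proxy: "Public access"` for port 8025, which is MailHog's web UI and API; MailHog performs no authentication unless an auth file is configured (`MH_AUTH_FILE`). Every captured message (password resets, invitation links, account mail) would then be readable by anyone who can reach the proxied domain, unless the proxy charm adds access control that this file does not show. Make exposure opt-in with `auto: none` on `web-proxy`, or add a comment stating that the frontend must be protected before it is published. The commented `/var/lib/odoo/sessions/` example is left over from another charm and should be replaced or dropped.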

72
monujo/lib/common

@ -11,61 +11,85 @@ monujo:code_init() {
mkdir -p "$LOCATION" mkdir -p "$LOCATION"
if dir_is_empty "$LOCATION"; then if dir_is_empty "$LOCATION"; then
cd "$LOCATION" cd "$LOCATION"
wget -q "$SOURCE_URL" -O file.tar.bz2
tar xjf file.tar.bz2
info "First install, downloading '$SOURCE_URL'."
wget -q "$SOURCE_URL" -O file.tar.bz2 || {
err "Couldn't download '$SOURCE_URL'."
rm file.tar.bz2 rm file.tar.bz2
return 1
}
tar xjf file.tar.bz2 &&
rm file.tar.bz2 &&
chown root:root "$LOCATION" -R chown root:root "$LOCATION" -R
fi fi
} }
monujo:code_config_base() {
MONUJO_OPTIONS=(
export MONUJO_OPTIONS=(
lokapi-host:string lokapi-host:string
lokapi-db:string lokapi-db:string
map-url:string map-url:string
local-password-retention-time:string
local-password-retention-time:numeric
theme:struct\*
) )
MONUJO_OPTIONS_CONCAT=" ${MONUJO_OPTIONS[*]} "
export MONUJO_OPTIONS_CONCAT=" ${MONUJO_OPTIONS[*]} "
monujo:code_config_base() {
local service_def
service_def=$(get_compose_service_def "$SERVICE_NAME") || return 1 service_def=$(get_compose_service_def "$SERVICE_NAME") || return 1
echo "{}" > "$CONFIGFILE"
options=$(e "$service_def" | shyaml get-value -y options) || true
e "$options" |
monujo:json-make > "$CONFIGFILE" || {
err "Failed to make 'config.json'."
return 1
}
}
monujo:json-make() {
local conv="$1" key val
## XXXvlab: Should probably offer some lib to do this ## XXXvlab: Should probably offer some lib to do this
local sep=
while read-0 key val; do while read-0 key val; do
key_option=${key//-/_}
key=$(e "$key" | shyaml get-value)
case "$MONUJO_OPTIONS_CONCAT" in case "$MONUJO_OPTIONS_CONCAT" in
*" ${key_option}:bool "*)
*" ${key}:bool "*)
case "${val,,}" in case "${val,,}" in
true|ok|yes|y) true|ok|yes|y)
val=yes
val=true
;; ;;
false|ko|nok|no|n) false|ko|nok|no|n)
val=no
val=false
;; ;;
*) *)
die "Invalid value for ${WHITE}$key$NORMAL, please use a boolean value." die "Invalid value for ${WHITE}$key$NORMAL, please use a boolean value."
;; ;;
esac esac
;; ;;
*" ${key_option}:numeric "*)
*" ${key}:numeric "*)
val=$(e "$val" | shyaml get-value)
if ! is_int "$val"; then if ! is_int "$val"; then
die "Invalid value for ${WHITE}$key$NORMAL, please use numeric value."
err "Invalid value for ${WHITE}$key$NORMAL, please use numeric value."
return 1
fi fi
;; ;;
*" ${key_option}:string "*)
:
*" ${key}:struct* "*)
val=$(e "$val" | monujo:json-make noconv) || return 1
;; ;;
*)
key_option=$(echo "$key_option" | sed 's/_\([a-z0-9]\)/\U\1/g')
printf "%s %s\0" "$key_option" "$val"
*" ${key}:struct "*)
val=$(e "$val" | monujo:json-make) || return 1
;;
*" ${key}:string "*|*)
val=$(e "$val" | shyaml get-value | jq -Rr tojson)
;; ;;
esac esac
done < <(printf "%s" "$service_def" | shyaml key-values-0 options) |
jq -R 'split("\u0000") | map(split(" ") | {key: .[0], value: .[1]}) | from_entries' > \
"$CONFIGFILE"
if [ -z "$conv" ]; then
key=$(echo "${key//-/_}" | sed 's/_\([a-z0-9]\)/\U\1/g')
fi
printf "$sep%s\0%s" "$key" "$val"
sep="\0\0"
done < <(shyaml key-values-0 -y) |
jq -sR 'split("\u0000\u0000") | map(split("\u0000") | {key: .[0], value: .[1] | fromjson}) | from_entries'
} }
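Review bot: In `monujo:code_init` the archive fetched by `wget -q "$SOURCE_URL" -O file.tar.bz2` is still unpacked with `tar xjf` and chowned to root without any integrity check; the new error handling covers a failed download but not a tampered or truncated one. Compare the file with a pinned digest before extracting, e.g. `echo "$SOURCE_SHA256  file.tar.bz2" | sha256sum -c - || return 1` (`SOURCE_SHA256` is a placeholder name; no such variable is visible here). In `monujo:json-make`, `jq -Rr tojson` encodes each input line separately, so a multi-line string option would turn into several JSON strings and fail at the later `fromjson`; `jq -Rs` reads the value as one string. `monujo:code_init` starts above the hunk, so its earlier lines are not reviewed here.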

7
peertube/build/Dockerfile

@ -13,7 +13,7 @@ FROM common AS builder
## Download target release ## Download target release
## ##
ENV PEERTUBE_RELEASE=v3.3.0
ENV PEERTUBE_RELEASE=v4.1.0
RUN apk add wget RUN apk add wget
@ -91,7 +91,10 @@ VOLUME /etc/peertube
EXPOSE 9000 EXPOSE 9000
RUN apk add nodejs npm RUN apk add nodejs npm
## needed for plugins install
RUN apk add yarn
## needed for live chat plugin
RUN apk add prosody
## runtime deps ## runtime deps
RUN apk add openssl RUN apk add openssl
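Review bot: `RUN apk add prosody` installs an XMPP server into the runtime image for every deployment, although the comment says only the live chat plugin needs it; together with `yarn` this widens what has to be kept patched in an internet-facing image. Both packages are also installed in separate layers and without `--no-cache`; `RUN apk add --no-cache yarn prosody` would do it in one. The comment could also state whether anything starts prosody when the plugin is not installed.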

2
peertube/build/docker-compose.yml

@ -1,4 +1,4 @@
version: "3.3"
version: "4.1"
services: services:
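Review bot: `version: "4.1"` is not a Compose file format version (the format stops at 3.x), so if docker-compose reads this file the bump will be rejected as unsupported. As rendered, the key appears to have been raised along with `PEERTUBE_RELEASE`; the previous `"3.3"` only coincidentally matched the old release number. Unless the charm tooling gives this key its own meaning, keep `version: "3.3"`.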

11
postgres/hooks/postgres_database-relation-joined

@ -51,8 +51,15 @@ ensure_db_docker_running
## XXXvlab: should send all these into only one docker... ## XXXvlab: should send all these into only one docker...
if ! db_has_database "$DBNAME"; then if ! db_has_database "$DBNAME"; then
db_create "$DBNAME" || exit 1
INITDB_ARGS=(encoding lc-collate lc-ctype template)
CREATEDB_OPTS=()
for option in "${INITDB_ARGS[@]}"; do
value="$(relation-get "$option" 2>/dev/null)" || true
if [ -n "$value" ]; then
CREATEDB_OPTS+=("--$option=$value")
fi
done
db_create "$DBNAME" "${CREATEDB_OPTS[@]}" || exit 1
if sql=$(relation-get init-sql); then if sql=$(relation-get init-sql); then
ddb "$DBNAME" > /dev/null < <(e "$sql") || exit 1 ddb "$DBNAME" > /dev/null < <(e "$sql") || exit 1
fi fi
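Review bot: `value="$(relation-get "$option" 2>/dev/null)" || true` treats every failure of `relation-get` as "option not set", so a broken relation read silently produces a database with the default encoding and locale, which cannot be changed afterwards without recreating the database. Fall back only when the key is absent and let other errors abort, as `db_create … || exit 1` does below. If `relation-get` cannot distinguish the two cases, at least log the options that were applied. A one-line comment that `encoding`, `lc-collate` and `lc-ctype` generally require `template: template0` would save users a failed `createdb`.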

3
postgres/lib/common

@ -63,7 +63,8 @@ db_drop () {
db_create () { db_create () {
local dbname="$1" local dbname="$1"
dcmd createdb "$dbname" || return 1
shift
dcmd createdb "$dbname" "$@" || return 1
info "Database '$dbname' created." info "Database '$dbname' created."
} }
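Review bot: `dcmd createdb "$dbname" "$@"` puts the options after the database name, whereas createdb documents `createdb [option...] [dbname [description]]`. With a getopt that does not permute arguments, a trailing `--encoding=…` would be read as the description or rejected as an extra argument; `dcmd createdb "$@" "$dbname"` does not depend on that behaviour. `db_create` also has no header comment; one line saying that the arguments after the name are passed to createdb unchanged would document the new contract.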
